package com.market.fleamarket.interceptor;

import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class AuthInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 登录/注册接口无需拦截
        String path = request.getRequestURI();
        if (path.startsWith("/api/users/login") || path.startsWith("/api/users/register") ||
                path.startsWith("/api/users/guest-login")) {
            return true;
        }

        // 静态资源放行
        if (path.startsWith("/css/") || path.startsWith("/js/") || path.startsWith("/images/") ||
                path.startsWith("/assets/") || path.endsWith(".css") || path.endsWith(".js") ||
                path.endsWith(".png") || path.endsWith(".jpg") || path.endsWith(".jpeg") ||
                path.endsWith(".gif") || path.endsWith(".ico")) {
            return true;
        }

        // 公共页面放行
        if (path.equals("/") || path.equals("/login") || path.equals("/register") || path.equals("/products") ||
                path.equals("/logout") || path.equals("/guest-logout") || path.startsWith("/product-detail") || path.equals("/test-review-api") ||
                (path.startsWith("/api/products") && isGetMethod(request)) ||
                (path.startsWith("/api/reviews") && isGetMethod(request)) ||
                (path.startsWith("/api/categories") && isGetMethod(request))) {
            return true;
        }

        HttpSession session = request.getSession();
        Object user = session.getAttribute("user");

        // 未登录，跳转到登录页
        if (user == null) {
            response.sendRedirect("/login");
            return false;
        }

        String role = (String) session.getAttribute("userRole");

        // 游客角色限制
        if ("guest".equals(role)) {
            // 游客只能查看商品信息和评价，不能进行其他操作
            if (path.equals("/products") || path.startsWith("/product-detail") ||
                    path.equals("/guest-logout") ||
                    (path.startsWith("/api/products") && isGetMethod(request)) ||
                    (path.startsWith("/api/reviews") && isGetMethod(request)) ||
                    (path.startsWith("/api/categories") && isGetMethod(request))) {
                return true;
            } else {
                response.sendError(HttpServletResponse.SC_FORBIDDEN, "游客用户无法执行此操作，请注册或登录");
                return false;
            }
        }

        // 用户管理接口需要系统管理员权限
        if (path.startsWith("/admin/users")) {
            boolean isSystemAdmin = "admin".equals(role);
            if (!isSystemAdmin) {
                response.sendError(HttpServletResponse.SC_FORBIDDEN, "需要系统管理员权限");
                return false;
            }
        }

        // 管理接口需要管理员权限
        if (path.startsWith("/admin")) {
            boolean isAdmin = "admin".equals(role) || "category_admin".equals(role);
            if (!isAdmin) {
                response.sendError(HttpServletResponse.SC_FORBIDDEN, "需要管理员权限");
                return false;
            }
        }

        return true;
    }

    // 判断是否为GET请求
    private boolean isGetMethod(HttpServletRequest request) {
        return "GET".equalsIgnoreCase(request.getMethod());
    }
} 